Skip to Main content Skip to Navigation
Conference papers

KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks

Abstract : Besides cryptographic secrets, software-based side-channel attacks also leak sensitive user input. The most accurate attacks exploit cache timings or interrupt information to monitor keystroke timings and subsequently infer typed words and sentences. These attacks have also been demonstrated in JavaScript embedded in websites by a remote attacker. We extend the state-of-the-art with a new interrupt-based attack and the first Prime+ Probe attack on kernel interrupt handlers. Previously proposed countermeasures fail to prevent software-based keystroke timing attacks as they do not protect keystroke processing through the entire software stack. We close this gap with KeyDrown, a new defense mechanism against software-based keystroke timing attacks. KeyDrown injects a large number of fake keystrokes in the kernel, making the keystroke interrupt density uniform over time, i.e., independent of the real keystrokes. All keystrokes, including fake keystrokes, are carefully propagated through the shared library to make them indistinguishable by exploiting the specific properties of software-based side channels. We show that attackers cannot distinguish fake keystrokes from real keystrokes anymore and we evaluate KeyDrown on a commodity notebook as well as on Android smartphones. We show that KeyDrown eliminates any advantage an attacker can gain from using software-based side-channel attacks.
Document type :
Conference papers
Complete list of metadata

Cited literature [60 references]  Display  Hide  Download
Contributor : Clémentine Maurice <>
Submitted on : Wednesday, September 12, 2018 - 11:18:55 AM
Last modification on : Saturday, May 8, 2021 - 3:38:28 AM
Long-term archiving on: : Thursday, December 13, 2018 - 1:35:05 PM


Files produced by the author(s)



Michael Schwarz, Moritz Lipp, Daniel Gruss, Samuel Weiser, Clémentine Maurice, et al.. KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks. Network and Distributed System Security Symposium, Feb 2018, San Diego, France. ⟨10.14722/ndss.2018.23027⟩. ⟨hal-01872534⟩



Record views


Files downloads